package cn.uin.domain.auth.service.user.login.phone;

import cn.uin.domain.auth.adapter.repository.IAuthRepository;
import cn.uin.domain.auth.model.entity.HomeMenuEntity;
import cn.uin.domain.auth.model.entity.HomeRoleEntity;
import cn.uin.domain.auth.model.entity.HomeUserEntity;
import cn.uin.domain.auth.service.user.login.email.EmailCodeAuthenticationToken;
import cn.uin.types.enums.ResponseCode;
import cn.uin.types.exception.AppException;
import lombok.extern.slf4j.Slf4j;
import org.springframework.security.authentication.AuthenticationProvider;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.AuthenticationException;
import org.springframework.security.core.GrantedAuthority;
import org.springframework.security.core.authority.SimpleGrantedAuthority;
import org.springframework.util.CollectionUtils;
import org.springframework.util.ObjectUtils;

import java.io.Serializable;
import java.util.*;
import java.util.stream.Collectors;

/**
 * @Auther: uIn
 * @Date: 2025/10/26 - 10 - 26 - 17:02
 * @Description: 手机号登录认证信息处理
 * @version: 1.0
 */
@Slf4j
public class PhoneLoginProvider implements AuthenticationProvider, Serializable {

    private IAuthRepository iAuthRepository;

    public PhoneLoginProvider(IAuthRepository iAuthRepository) {
        this.iAuthRepository = iAuthRepository;
    }

    @Override
    public Authentication authenticate(Authentication authentication) throws AuthenticationException {
        if (!supports(authentication.getClass())) {
            return null;
        }
        PhoneCodeAuthenticationToken phoneCodeAuthenticationToken = (PhoneCodeAuthenticationToken) authentication;
        String phone = (String) phoneCodeAuthenticationToken.getPrincipal();
        HomeUserEntity homeUserEntity = iAuthRepository.queryUserByUserPhone(phone);
        if (ObjectUtils.isEmpty(homeUserEntity)) {
            throw new AppException(ResponseCode.A0009.getCode(), ResponseCode.A0009.getInfo());
        }

        PhoneCodeAuthenticationToken truthToken = new PhoneCodeAuthenticationToken(phone, buildAuthority(homeUserEntity.getUsername()));
        truthToken.setDetails(phoneCodeAuthenticationToken.getDetails());
        return truthToken;
    }

    /**
     * 构建用户权限菜单
     * @param username
     * @return
     */
    private Collection<? extends GrantedAuthority> buildAuthority(String username) {
        List<HomeMenuEntity> menus = iAuthRepository.queryMenusByUserName(username);
        List<SimpleGrantedAuthority> authorities = new ArrayList<>();
        if (!CollectionUtils.isEmpty(menus)) {
            for (HomeMenuEntity authority : menus) {
                SimpleGrantedAuthority auth = new SimpleGrantedAuthority(authority.getMenuCode());
                authorities.add(auth);
            }
        }
        return authorities;
    }

    @Override
    public boolean supports(Class<?> authentication) {
        return (PhoneCodeAuthenticationToken.class.isAssignableFrom(authentication));
    }
}
